Hello!
On Thu, Mar 15, 2012 at 01:52:26PM +0100, Antonio P.P. Almeida wrote:
> > Hello!
>
> Hello Maxim,
>
> > Matthew Daley recently discovered a security problem which may
> > lead to a disclosure of previously freed memory on specially
> > crafted response from an upstream server, potentially resulting in
> > sensitive information leak.
> >
> > Patch for the problem can be found here:
> >
> > http://nginx.org/download/patch.2012.memory.txt
> >
> > The patch is not required for 1.1.17, 1.0.14.
>
> There's a CVE # for it? Someone asked me about it on twitter.
No.
Maxim Dounin
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx